Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/9QxiwGVY9imXhYuDbOZ9sG79fdg.roa
File: 9QxiwGVY9imXhYuDbOZ9sG79fdg.roa (raw, json)
Hash identifier: fwXqCSr1VQnVulM15uftfNy6Sm08KdLcpgisMCzUvwQ=
Subject key identifier: F5:0C:62:C0:65:58:F6:29:97:85:8B:83:6C:E6:7D:B0:6E:FD:7D:D8
Certificate issuer: /CN=1c39d57936dd2d1521443e68dadd9d0949cde33f
Certificate serial: 018268D95E21DCE01B21453EED90F8246C0E
Authority key identifier: 1C:39:D5:79:36:DD:2D:15:21:44:3E:68:DA:DD:9D:09:49:CD:E3:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDnVeTbdLRUhRD5o2t2dCUnN4z8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/9QxiwGVY9imXhYuDbOZ9sG79fdg.roa
Signing time: Thu 04 Aug 2022 12:34:12 +0000
ROA not before: Thu 04 Aug 2022 12:34:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21263
IP address blocks: 185.35.211.0/24 maxlen: 24
2a02:778:40e::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:68:d9:5e:21:dc:e0:1b:21:45:3e:ed:90:f8:24:6c:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c39d57936dd2d1521443e68dadd9d0949cde33f
Validity
Not Before: Aug 4 12:34:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f50c62c06558f62997858b836ce67db06efd7dd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d9:e6:c2:d5:1d:2d:58:a4:a1:f5:f3:21:1f:
3f:8e:3b:51:fe:02:77:4b:c8:fb:2a:91:26:0d:11:
72:4b:c9:17:2d:c1:d9:59:ef:d7:a8:77:fa:a5:eb:
42:b0:66:a0:c1:ba:bf:58:45:ee:eb:24:59:31:9c:
1a:05:17:25:5b:73:5f:95:46:bd:3b:d7:c3:e6:a5:
9a:de:72:e7:34:33:3e:9f:5d:90:d1:22:9c:1f:0b:
dc:6f:27:15:ff:16:52:63:9f:57:5c:82:04:a2:af:
1a:3c:b3:a4:1d:45:99:b2:3e:be:81:05:96:9c:30:
24:f5:eb:9c:c2:3f:6d:20:d5:79:cb:fc:57:99:1b:
42:50:ce:8c:e4:b4:24:66:80:f0:22:28:8b:33:71:
1a:c5:dd:61:9d:53:61:56:0a:3c:fa:33:33:35:e1:
c9:92:44:7d:75:32:73:88:cd:46:3f:1f:fc:7a:f1:
68:02:57:fc:fc:46:21:2b:42:79:31:79:0b:2c:0d:
ce:ab:06:ff:89:4b:e4:04:a3:a1:f1:66:1e:02:5c:
be:ce:30:84:b4:93:4f:83:55:70:93:9e:2b:a4:3f:
0b:63:21:cd:71:b4:86:64:00:fe:26:62:f9:e0:0b:
f6:72:a0:fb:1d:0c:53:d2:1b:d8:c3:ff:b6:ca:6c:
a3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:0C:62:C0:65:58:F6:29:97:85:8B:83:6C:E6:7D:B0:6E:FD:7D:D8
X509v3 Authority Key Identifier:
keyid:1C:39:D5:79:36:DD:2D:15:21:44:3E:68:DA:DD:9D:09:49:CD:E3:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDnVeTbdLRUhRD5o2t2dCUnN4z8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/9QxiwGVY9imXhYuDbOZ9sG79fdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/d3856f-029c-446a-ae7d-d7c5da7c1676/1/HDnVeTbdLRUhRD5o2t2dCUnN4z8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.211.0/24
IPv6:
2a02:778:40e::/48
Signature Algorithm: sha256WithRSAEncryption
c1:de:56:a9:fc:f5:94:a7:4e:d7:09:a1:83:aa:c5:b5:5f:53:
31:f3:04:ab:f9:77:0a:65:a8:44:6f:40:67:16:46:cd:dc:13:
f1:28:b7:a8:60:f3:2d:bb:e8:1d:74:fc:fa:1f:c9:6c:0a:28:
69:a7:b2:12:00:0d:41:7a:b4:1b:bc:5b:5b:3a:6e:21:28:eb:
0f:78:3a:4e:15:34:7f:d1:b4:f9:33:5f:03:f4:4a:4a:90:ee:
3e:14:a0:9b:58:76:92:1d:c7:9d:d3:dd:5f:4c:38:ad:f0:4d:
c3:0e:d1:86:00:12:02:75:e0:fb:a6:7b:c1:55:74:59:08:62:
11:8e:fb:8a:13:0a:d7:d7:1a:a3:27:10:17:9d:06:57:80:01:
42:5c:1d:23:9a:8e:bf:53:a0:aa:f9:46:c2:3b:9e:f1:b5:b4:
eb:c6:07:ea:ec:4c:84:02:2c:fe:b3:d4:46:69:8b:36:10:e9:
54:4a:be:2b:bb:93:a4:ba:9e:ac:97:bb:df:d4:78:fd:fc:7c:
6d:f7:79:49:15:6f:8f:93:f5:50:e6:e1:b8:db:86:9f:73:a7:
87:1b:98:35:01:d7:ee:33:5a:41:ba:e5:ea:02:7f:ba:c6:ff:
2f:50:db:f9:e6:b0:14:a0:47:45:78:70:5c:22:4f:8e:ee:62:
69:7e:9b:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYJo2V4h3OAbIUU+7ZD4JGwOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzlkNTc5MzZkZDJkMTUyMTQ0M2U2OGRhZGQ5ZDA5NDlj
ZGUzM2YwHhcNMjIwODA0MTIzNDEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTBjNjJjMDY1NThmNjI5OTc4NThiODM2Y2U2N2RiMDZlZmQ3ZGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9nmwtUdLVikofXzIR8/jjtR/gJ3
S8j7KpEmDRFyS8kXLcHZWe/XqHf6petCsGagwbq/WEXu6yRZMZwaBRclW3NflUa9
O9fD5qWa3nLnNDM+n12Q0SKcHwvcbycV/xZSY59XXIIEoq8aPLOkHUWZsj6+gQWW
nDAk9eucwj9tINV5y/xXmRtCUM6M5LQkZoDwIiiLM3Eaxd1hnVNhVgo8+jMzNeHJ
kkR9dTJziM1GPx/8evFoAlf8/EYhK0J5MXkLLA3Oqwb/iUvkBKOh8WYeAly+zjCE
tJNPg1Vwk54rpD8LYyHNcbSGZAD+JmL54Av2cqD7HQxT0hvYw/+2ymyjxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPUMYsBlWPYpl4WLg2zmfbBu/X3YMB8GA1UdIwQY
MBaAFBw51Xk23S0VIUQ+aNrdnQlJzeM/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERuVmVUYmRMUlVoUkQ1bzJ0MmRDVW5ONHo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9kMzg1NmYtMDI5Yy00NDZhLWFlN2Qt
ZDdjNWRhN2MxNjc2LzEvOVF4aXdHVlk5aW1YaFl1RGJPWjlzRzc5ZmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9kMzg1NmYtMDI5Yy00NDZhLWFlN2QtZDdjNWRhN2MxNjc2
LzEvSERuVmVUYmRMUlVoUkQ1bzJ0MmRDVW5ONHo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuSPTMA8E
AgACMAkDBwAqAgd4BA4wDQYJKoZIhvcNAQELBQADggEBAMHeVqn89ZSnTtcJoYOq
xbVfUzHzBKv5dwplqERvQGcWRs3cE/Eot6hg8y276B10/PofyWwKKGmnshIADUF6
tBu8W1s6biEo6w94Ok4VNH/RtPkzXwP0SkqQ7j4UoJtYdpIdx53T3V9MOK3wTcMO
0YYAEgJ14Pume8FVdFkIYhGO+4oTCtfXGqMnEBedBleAAUJcHSOajr9ToKr5RsI7
nvG1tOvGB+rsTIQCLP6z1EZpizYQ6VRKviu7k6S6nqyXu9/UeP38fG33eUkVb4+T
9VDm4bjbhp9zp4cbmDUB1+4zWkG65eoCf7rG/y9Q2/nmsBSgR0V4cFwiT47uYml+
m34=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:20 2023 by rpki-client on console-ams.rpki-client.org